Home Forums Article Discussions Article Discussions by Author Discuss Content Posted by Michael Coles Free Encryption RE: Free Encryption

  • July 21, 2005 at 7:41 am

    #576069

    Thanks for the feedback.  I wouldn't go so far as to encrypt all your data.  If that's what you're looking to do, then you should probably look for a file-level encryption service.  With column level encryption it's better to pick and choose which columns are most sensitive.  For instance, an SSN column might be a prime candidate for encryption.

    As for encryption/decryption, there are two xp's for that:  xp_blowfishencrypt will encrypt your data; xp_blowfishdecrypt will perform the decryption for you.  A standard process might look like this:

    1.  Load data into table

    2.  Encrypt sensitive column(s)

    3.  When user requests data that includes encrypted data, decrypt the data before returning it to the user.

    4.  If the user updates the data that is to be stored in an encrypted column, be sure to encrypt it again before updating it.

    There are some sample SQL scripts included with the code, in the \SampleSQL directory of the ZIP file.  Just load them into Query Analyzer and run them.  I provided them as SQL scripts to make it easier to figure out how to use them in your own applications.